Larry Schwarberg: How to Stop Holiday Shopping Scams

Published on December 21, 2020

Online marketplaces and express shipping make last-minute holiday shopping relatively convenient and easy, making it easier for holiday shopping scams to pop up. An 31 percent of Americans wait to do their shopping between Black Friday and Christmas day.

Christmas is now just days away and many shoppers are looking to buy presents online and pick them up in store or have them shipped to their homes. But shoppers beware: scammers could ruin your holidays by stealing your personal and financial information.

When it comes to cybersecurity, greater convenience almost always coincides with increased risk. Retail IT professionals see a 31 percent increase in cyberattacks during the holiday season. Phishing emails, fake websites and promotional scams are a few ways cybercriminals try to take advantage of frantic last-minute shoppers. However, despite an increased risk of cyberattacks this time of year, three in five U.S. adults prefer online shopping to brick-and-mortar stores, according to a University of Phoenix survey. What’s worse, 66 percent said that the convenience of online shopping during the holidays outweighs the risk of a potential data breach.

Online shopping can be a big gamble with a lot to lose. U.S. consumers broke records this year, spending $58.5 billion online last month, thanks to Black Friday and Cyber Monday. But that was just the tip of the iceberg. Statista projects December sales to overshadow November by nearly $7 billion, reaching as much as $65.5 billion in total sales.

The majority of retailers are taking action to help limit breaches, but consumers must be smart about where and how they shop online. According to the same University of Phoenix survey, three in five respondents said that they are more concerned about their online safety during the holidays than at other times.

Among those, nearly half said their concern stems from making more purchases at that time and a quarter because they have been breached previously. A separate University survey conducted earlier in the year on personal cybersecurity habits emphasizes the need to practice safe online habits during the holiday season. Forty-three percent of the U.S. adults included in that survey had experienced a data breach in the past three years. As a result, the same amount (43 percent) felt less secure from cyberattacks compared to last year.

The personal cybersecurity survey suggests that the data breaches could be the result of a few “bad online habits.” Seventy-eight percent said that they leave themselves vulnerable by doing such things as using the same passwords (45 percent), granting social media access to personal information (34 percent) and storing financial information on retail sites (29 percent).

Changing these habits is a good starting point to help increase protection this holiday season and beyond. For those still planning to buy presents online over the coming week, here are three recommendations to help shop safer online.


It may be tempting to shop deals and make purchases from unfamiliar websites offering the lowest price. But if a retailer or website looks too-good-to-be-true, chances are it is. Misspellings or off-brand logos and content are tell-tale signs of counterfeit websites.

A padlock in the address bar and URL starting with “https” can be helpful signs that a website is secure, but don’t treat them as gospel. They only mean that communication is encrypted and could be used by cybercriminals. Always research unfamiliar sites and check reviews before making purchases.


Phishing is one of the most popular forms of cyberattacks today. It can come in many forms, like a fake email from a reputable organization or link to a killer sale from a friend on social media. These attacks are designed to resemble trusted connections to lure you into opening links containing viruses.

To ensure that you’re shopping at only trusted online retailers, refrain from opening emails or clicking links from sources you weren’t expecting or are unsure of. If you do elect to visit a site, type the web address directly into the browser. Avoid clicking on links as they could contain malware.


December is the season of giving, so give yourself added security by updating and strengthening your passwords. Many of us are guilty of using easy-to-find information for our passwords, like significant dates or pets’ names. If this information can be found on public-facing websites, like social media, they can be easy for criminals to crack.

When developing new passwords, make sure they are long, contain special characters (numbers and symbols) and are not easy to guess. Including random capital letters or numbers can be helpful. Another way to increase passwords security is to install multi-factor authentication to websites and devices. This is a second layer of security to help block any unwanted activity.

If you still need to check off some names on your shopping list, consider following these recommended steps to help combat cybercriminals. Stay safe this holiday season by shopping smart and securing your personal information.

Editor’s Note: This article was originally published on December 18, 2018.

Larry Schwarberg is a columnist at Grit Daily. He is the Chief Information Security Officer for University of Phoenix. Larry holds a Master of Science degree in Management – Information Security from Colorado Technical University. He has held positions of increasing responsibility in the finance, managed hosting, healthcare, pharmaceutical and higher education industries as well as serving on vendor security advisory councils.

Read more

More GD News